Please take a look at the logs! NOD removed about 30 nasties; maybe there is something else left.
PLEASE LOOK! Help, ahh........ PLEASE
It looks like there are no nasties left, but they did leave a lot of junk behind.
Fix the following in HijackThis:
[code]
O1 - Hosts: 202.165.102.205 972.aksjd11.com
O1 - Hosts: 202.165.102.205 w3og.cn
O1 - Hosts: 203.208.35.100 qazc.fourtw.cn
O1 - Hosts: 203.208.35.100 www.aujoy.cn
O1 - Hosts: 203.208.35.101 www.hao601.cn
O1 - Hosts: 203.208.35.101 www.psp476.cn
O1 - Hosts: 72.14.235.99 222.1212l112.net
O1 - Hosts: 72.14.235.99 444.1212l112.netn
O1 - Hosts: 72.14.235.99 555.1212l112.net
O1 - Hosts: 72.14.235.99 111.1212l112.net
O1 - Hosts: 65.55.21.250 111.3243l24.com
O1 - Hosts: 65.55.21.250 222.3243l24.com
O1 - Hosts: 65.55.21.250 333.3243l24.com
O1 - Hosts: 125.64.8.112 kao2.gmwo03.com
O1 - Hosts: 125.64.8.112 kao.gmwo06.com
O1 - Hosts: 125.64.8.112 444.gmwo07.com
O1 - Hosts: 116.252.185.15 ru.update365.us
O1 - Hosts: 116.252.185.15 ad.update365.us
O1 - Hosts: 207.46.232.182 popmails.net
O1 - Hosts: 203.208.37.99 3.goodhh.com
O1 - Hosts: 220.181.37.55 down.rwixr.com
O1 - Hosts: 160.79.42.52 www.xdj2008.com
O1 - Hosts: 63.175.76.152 www.revtr.cn
O1 - Hosts: 219.133.40.91 qq.ljsll.com
O1 - Hosts: 203.208.35.102 www.aassccwe.cn
O1 - Hosts: 209.132.177.50 973.aksjd11.com
O1 - Hosts: 209.132.177.50 974.aksjd11.com
O1 - Hosts: 209.132.177.50 971.aksjd11.com
O1 - Hosts: 209.132.177.50 975.aksjd11.com
O1 - Hosts: 72.14.235.104 user1.12-39.net
O1 - Hosts: 72.14.235.147 www.infomt.net
O1 - Hosts: 192.150.18.101 ata1.sysions.net
O1 - Hosts: 192.150.18.101 ata2.sysions.net
O1 - Hosts: 192.150.18.101 ata3.sysions.net
O1 - Hosts: 192.150.18.101 ata4.sysions.net
O1 - Hosts: 193.120.42.226 8nnnnn99.cn
O1 - Hosts: 24.39.54.34 www.haoaoao.cn
O2 - BHO: swsxachu.dll - {13FD5987-65D2-C58D-D87E-987451F12531} - C:\WINDOWS\system32\swsxachu.dll (file missing)
O2 - BHO: tisqatyu.dll - {18093456-9012-4568-9076-908765467181} - C:\WINDOWS\system32\tisqatyu.dll (file missing)
O2 - BHO: ijdyapaw.dll - {1A698452-C5D8-C584-C256-C264C987C5A1} - C:\WINDOWS\system32\ijdyapaw.dll (file missing)
O2 - BHO: erxybloe.dll - {20909876-4567-3908-4056-909834565102} - C:\WINDOWS\system32\erxybloe.dll (file missing)
O2 - BHO: opshbbty.dll - {22596546-2036-9451-6058-658402589722} - C:\WINDOWS\system32\opshbbty.dll (file missing)
O2 - BHO: rijxbkin.dll - {25FD6584-698F-BCD2-602C-698745210352} - C:\WINDOWS\system32\rijxbkin.dll (file missing)
O2 - BHO: lassaplo.dll - {2B69874A-C58C-458D-69F0-698F874E41B2} - C:\WINDOWS\system32\lassaplo.dll (file missing)
O2 - BHO: skqncbib.dll - {32023698-6984-8541-9654-698745012523} - C:\WINDOWS\system32\skqncbib.dll (file missing)
O2 - BHO: yxcschlp.dll - {35671234-7890-ABCD-CDEF-567801237653} - C:\WINDOWS\system32\yxcschlp.dll (file missing)
O2 - BHO: nhmxcjkl.dll - {37AC9076-C898-B098-D098-A18319080973} - C:\WINDOWS\system32\nhmxcjkl.dll (file missing)
O2 - BHO: akjsckaq.dll - {3A908760-8000-4000-A000-9000322145A3} - C:\WINDOWS\system32\akjsckaq.dll (file missing)
O2 - BHO: lijzclit.dll - {3C954872-1230-6541-9548-6541025884C3} - C:\WINDOWS\system32\lijzclit.dll (file missing)
O2 - BHO: oswxdttb.dll - {43512378-9874-5641-1025-985420368734} - C:\WINDOWS\system32\oswxdttb.dll (file missing)
O2 - BHO: mpwddapi.dll - {45694105-5108-9405-3695-954187462154} - C:\WINDOWS\system32\mpwddapi.dll (file missing)
O2 - BHO: mpmydapi.dll - {4629FF4F-ACDB-5C90-A098-FACB3456A264} - C:\WINDOWS\system32\mpmydapi.dll (file missing)
O2 - BHO: nhmxdjkl.dll - {47AC9076-C898-B098-D098-A18319080974} - C:\WINDOWS\system32\nhmxdjkl.dll (file missing)
O2 - BHO: akjsdkaq.dll - {4A908760-8000-4000-A000-9000322145A4} - C:\WINDOWS\system32\akjsdkaq.dll (file missing)
O2 - BHO: arjrbler.dll - {4C69034A-F45F-D34D-A33A-C33C4D324FC4} - C:\WINDOWS\system32\arjrbler.dll (file missing)
O2 - BHO: zptlcsys.dll - {50940F85-F015-14F1-A05F-F69858AC6D05} - C:\WINDOWS\system32\zptlcsys.dll (file missing)
O2 - BHO: ptjhehlp.dll - {528DF602-9541-A985-210A-984A698C6F25} - C:\WINDOWS\system32\ptjhehlp.dll (file missing)
O2 - BHO: pjjxedwd.dll - {54FAE856-AD58-20CB-A025-CD4895FA6E45} - C:\WINDOWS\system32\pjjxedwd.dll (file missing)
O2 - BHO: mpwdeapi.dll - {55694105-5108-9405-3695-954187462155} - C:\WINDOWS\system32\mpwdeapi.dll (file missing)
O2 - BHO: ozfyebyt.dll - {5A069845-2036-6084-9054-6087502480A5} - C:\WINDOWS\system32\ozfyebyt.dll (file missing)
O2 - BHO: arjrcler.dll - {5C69034A-F45F-D34D-A33A-C33C4D324FC5} - C:\WINDOWS\system32\arjrcler.dll (file missing)
O2 - BHO: tysqbkol.dll - {5D098345-6785-1098-5413-678067AE03D5} - C:\WINDOWS\system32\tysqbkol.dll (file missing)
O2 - BHO: apsgejba.dll - {5FD45A54-9875-698F-E56E-65102358FDF5} - C:\WINDOWS\system32\apsgejba.dll (file missing)
O2 - BHO: pqzfajke.dll - {60A345CD-ABCD-EFAB-CDEF-ABCD01020306} - C:\WINDOWS\system32\pqzfajke.dll (file missing)
O2 - BHO: mpmyfapi.dll - {6629FF4F-ACDB-5C90-A098-FACB3456A266} - C:\WINDOWS\system32\mpmyfapi.dll (file missing)
O2 - BHO: zxmscwin.dll - {6A041F13-A111-12A3-B0CF-F99818AA68A6} - C:\WINDOWS\system32\zxmscwin.dll (file missing)
O2 - BHO: oohxebyt.dll - {6B1AEF69-DDAE-FDAD-DCAB-698F026ABDB6} - C:\WINDOWS\system32\oohxebyt.dll (file missing)
O2 - BHO: mndhfdwd.dll - {6C648541-1025-9650-9057-6541258720C6} - C:\WINDOWS\system32\mndhfdwd.dll (file missing)
O2 - BHO: arjrdler.dll - {6C69034A-F45F-D34D-A33A-C33C4D324FC6} - C:\WINDOWS\system32\arjrdler.dll (file missing)
O2 - BHO: apsgfjba.dll - {6FD45A54-9875-698F-E56E-65102358FDF6} - C:\WINDOWS\system32\apsgfjba.dll (file missing)
O2 - BHO: mpmygapi.dll - {7629FF4F-ACDB-5C90-A098-FACB3456A267} - C:\WINDOWS\system32\mpmygapi.dll (file missing)
O2 - BHO: mndsgsrv.dll - {77FD640A-158F-48AC-FD14-1597F14A9777} - C:\WINDOWS\system32\mndsgsrv.dll (file missing)
O2 - BHO: zxmsdwin.dll - {7A041F13-A111-12A3-B0CF-F99818AA68A7} - C:\WINDOWS\system32\zxmsdwin.dll (file missing)
O2 - BHO: arjreler.dll - {7C69034A-F45F-D34D-A33A-C33C4D324FC7} - C:\WINDOWS\system32\arjreler.dll (file missing)
O2 - BHO: mnmhgsrv.dll - {7C8D1401-A58D-A81C-CD24-A5915C4517C7} - C:\WINDOWS\system32\mnmhgsrv.dll (file missing)
O2 - BHO: apsggjba.dll - {7FD45A54-9875-698F-E56E-65102358FDF7} - C:\WINDOWS\system32\apsggjba.dll (file missing)
O2 - BHO: ypcqghlp.dll - {80AF1289-F140-A140-D012-C1458759FC08} - C:\WINDOWS\system32\ypcqghlp.dll (file missing)
O2 - BHO: yxfhcjpg.dll - {83BA45AF-FAAA-CDDD-BEEE-BCDE1234AB38} - C:\WINDOWS\system32\yxfhcjpg.dll (file missing)
O2 - BHO: mpmyhapi.dll - {8629FF4F-ACDB-5C90-A098-FACB3456A268} - C:\WINDOWS\system32\mpmyhapi.dll (file missing)
O2 - BHO: mndshsrv.dll - {87FD640A-158F-48AC-FD14-1597F14A9778} - C:\WINDOWS\system32\mndshsrv.dll (file missing)
O2 - BHO: ypdjgbmp.dll - {91954FAC-1023-154F-895A-1458258AD819} - C:\WINDOWS\system32\ypdjgbmp.dll (file missing)
O2 - BHO: yzztimsn.dll - {9490415F-65F8-B5C5-D8BA-9405FB120549} - C:\WINDOWS\system32\yzztimsn.dll (file missing)
O2 - BHO: jke34kl32.dll - {9629FF4F-ACDB-5C90-A098-FACB3456A269} - C:\WINDOWS\system32\jke34kl32.dll (file missing)
O2 - BHO: ThunderAdvise - {97421D0D-E07F-40DF-8F07-99597B9585AD} - C:\WINDOWS\Downloaded Program Files\ThunderAdvise.dll (file missing)
O2 - BHO: yzztjmsn.dll - {A490415F-65F8-B5C5-D8BA-9405FB12054A} - C:\WINDOWS\system32\yzztjmsn.dll (file missing)
O2 - BHO: s2da2f323.dll - {A629FF4F-ACDB-5C90-A098-FACB3456A26A} - C:\WINDOWS\system32\s2da2f323.dll (file missing)
O2 - BHO: zyzxjime.dll - {AA59145F-315D-BC23-AC1F-145DF81A34AA} - C:\WINDOWS\system32\zyzxjime.dll (file missing)
O2 - BHO: yzztkmsn.dll - {B490415F-65F8-B5C5-D8BA-9405FB12054B} - C:\WINDOWS\system32\yzztkmsn.dll (file missing)
O2 - BHO: hdf453d.dll - {B629FF4F-ACDB-5C90-A098-FACB3456A26B} - C:\WINDOWS\system32\hdf453d.dll (file missing)
O20 - AppInit_DLLs: tisqatyu.dll,skqncbib.dll,akjsdkaq.dll,yzztkmsn.dll,nhmxdjkl.dll,arjreler.dll
O21 - SSODL: ThunderAdvise - {97421D0D-E07F-40DF-8F07-99597B9585AD} - C:\WINDOWS\Downloaded Program Files\ThunderAdvise.dll (file missing)
O21 - SSODL: midimapyt2 - {4F4F0064-71E0-4f0d-0028-708476C7815F} - C:\WINDOWS\system32\midimapyt2.dll (file missing)
O21 - SSODL: mstimewd - {00180018-0018-0018-0018-00180018BB15} - C:\WINDOWS\system32\mstimewd.dll (file missing)
[/code]
Run this script in AVZ:
[code]
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DeleteFile('C:\WINDOWS\system32\akjsckaq.dll');
DeleteFile('C:\WINDOWS\system32\akjsdkaq.dll');
DeleteFile('C:\WINDOWS\system32\apsgejba.dll');
DeleteFile('C:\WINDOWS\system32\apsgfjba.dll');
DeleteFile('C:\WINDOWS\system32\apsggjba.dll');
DeleteFile('C:\WINDOWS\system32\arjrbler.dll');
DeleteFile('C:\WINDOWS\system32\arjrcler.dll');
DeleteFile('C:\WINDOWS\system32\arjrdler.dll');
DeleteFile('C:\WINDOWS\system32\arjreler.dll');
DeleteFile('C:\WINDOWS\system32\erxybloe.dll');
DeleteFile('C:\WINDOWS\system32\hdf453d.dll');
DeleteFile('C:\WINDOWS\system32\ijdyapaw.dll');
DeleteFile('C:\WINDOWS\system32\jke34kl32.dll');
DeleteFile('C:\WINDOWS\system32\lassaplo.dll');
DeleteFile('C:\WINDOWS\system32\lijzclit.dll');
DeleteFile('C:\WINDOWS\system32\midimapyt2.dll');
DeleteFile('C:\WINDOWS\system32\mndhfdwd.dll');
DeleteFile('C:\WINDOWS\system32\mndsgsrv.dll');
DeleteFile('C:\WINDOWS\system32\mndshsrv.dll');
DeleteFile('C:\WINDOWS\system32\mnmhgsrv.dll');
DeleteFile('C:\WINDOWS\system32\mpmydapi.dll');
DeleteFile('C:\WINDOWS\system32\mpmyfapi.dll');
DeleteFile('C:\WINDOWS\system32\mpmygapi.dll');
DeleteFile('C:\WINDOWS\system32\mpmyhapi.dll');
DeleteFile('C:\WINDOWS\system32\mpwddapi.dll');
DeleteFile('C:\WINDOWS\system32\mpwdeapi.dll');
DeleteFile('C:\WINDOWS\system32\mstimewd.dll');
DeleteFile('C:\WINDOWS\system32\nhmxcjkl.dll');
DeleteFile('C:\WINDOWS\system32\nhmxdjkl.dll');
DeleteFile('C:\WINDOWS\system32\oohxebyt.dll');
DeleteFile('C:\WINDOWS\system32\opshbbty.dll');
DeleteFile('C:\WINDOWS\system32\oswxdttb.dll');
DeleteFile('C:\WINDOWS\system32\ozfyebyt.dll');
DeleteFile('C:\WINDOWS\system32\pjjxedwd.dll');
DeleteFile('C:\WINDOWS\system32\pqzfajke.dll');
DeleteFile('C:\WINDOWS\system32\ptjhehlp.dll');
DeleteFile('C:\WINDOWS\system32\rijxbkin.dll');
DeleteFile('C:\WINDOWS\system32\s2da2f323.dll');
DeleteFile('C:\WINDOWS\system32\skqncbib.dll');
DeleteFile('C:\WINDOWS\system32\swsxachu.dll');
DeleteFile('C:\WINDOWS\system32\tisqatyu.dll');
DeleteFile('C:\WINDOWS\system32\tysqbkol.dll');
DeleteFile('C:\WINDOWS\system32\ypcqghlp.dll');
DeleteFile('C:\WINDOWS\system32\ypdjgbmp.dll');
DeleteFile('C:\WINDOWS\system32\yxcschlp.dll');
DeleteFile('C:\WINDOWS\system32\yxfhcjpg.dll');
DeleteFile('C:\WINDOWS\system32\yzztimsn.dll');
DeleteFile('C:\WINDOWS\system32\yzztjmsn.dll');
DeleteFile('C:\WINDOWS\system32\yzztkmsn.dll');
DeleteFile('C:\WINDOWS\system32\zptlcsys.dll');
DeleteFile('C:\WINDOWS\system32\zxmscwin.dll');
DeleteFile('C:\WINDOWS\system32\zxmsdwin.dll');
DeleteFile('C:\WINDOWS\system32\zyzxjime.dll');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
[/code]
The computer will reboot.
Make new logs, starting from item 10 of the rules.
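An added example, not part of the original post: a small Python triage pass over HijackThis log lines that collects the same kinds of leftovers as the fix list above (hosts-file redirects, BHO/SSODL entries marked `(file missing)`, and the `AppInit_DLLs` value). The function names and the report layout are assumptions made for this illustration; the sample lines are copied from the fix list.

```python
import re

# Sample lines copied from the fix list in the thread (a constructed subset).
SAMPLE = r"""
O1 - Hosts: 116.252.185.15 ru.update365.us
O2 - BHO: tisqatyu.dll - {18093456-9012-4568-9076-908765467181} - C:\WINDOWS\system32\tisqatyu.dll (file missing)
O2 - BHO: hdf453d.dll - {B629FF4F-ACDB-5C90-A098-FACB3456A26B} - C:\WINDOWS\system32\hdf453d.dll (file missing)
O20 - AppInit_DLLs: tisqatyu.dll,skqncbib.dll
O21 - SSODL: mstimewd - {00180018-0018-0018-0018-00180018BB15} - C:\WINDOWS\system32\mstimewd.dll (file missing)
"""

# "<section> - <kind>: <rest>", e.g. "O2 - BHO: ..."
ENTRY = re.compile(r"^(O\d+) - ([^:]+): (.*)$")
# "<name> - {CLSID} - <path>[ (file missing)]"
COM = re.compile(r"^(.*?) - (\{[0-9A-Fa-f-]{36}\}) - (.*?)(\s+\(file missing\))?$")

def triage(log_text):
    """Group log lines into hosts redirects, orphaned COM entries, AppInit DLLs."""
    report = {"hosts": [], "orphaned": [], "appinit": []}
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        section, kind, rest = m.groups()
        if section == "O1" and kind == "Hosts":
            ip, _, name = rest.partition(" ")
            report["hosts"].append((ip, name.strip()))
        elif section in ("O2", "O21"):
            c = COM.match(rest)
            if c and c.group(4):  # registry entry whose DLL is gone from disk
                report["orphaned"].append((section, c.group(2), c.group(3)))
        elif section == "O20" and kind == "AppInit_DLLs":
            # DLLs named here are loaded into every process that loads user32.dll
            report["appinit"] = [d.strip() for d in rest.split(",") if d.strip()]
    return report

def appinit_overlap(report):
    """AppInit_DLLs names that also appear as an orphaned BHO/SSODL file."""
    orphan_files = {path.rsplit("\\", 1)[-1].lower() for _, _, path in report["orphaned"]}
    return [d for d in report["appinit"] if d.lower() in orphan_files]

if __name__ == "__main__":
    r = triage(SAMPLE)
    print(r["hosts"], len(r["orphaned"]), appinit_overlap(r))
```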
Logs
Looks like that's it! Or is there something else?